fixed roleID

2025-12-18 10:24:18 +08:00
parent 35f81447b2
commit 3608bcd148
5 changed files with 32 additions and 31 deletions
+1 -1
@@ -53,7 +53,7 @@ func AuthorizeHandler(w http.ResponseWriter, r *http.Request) {
}
log.Print("Authorization request for user=", ctx.UserID, ", resource=", ctx.Resource, ", action=", ctx.Action)
log.Print("JWT claims user=", claims.UserID, ", username=", claims.Username, ", role=", claims.Role)
log.Print("JWT claims user=", claims.UserID, ", username=", claims.Username, ", role=", claims.RoleID)
// Verify JWT user matches request user (security check)
if ctx.UserID != claims.UserID {
helper.RespondWithError(w, http.StatusForbidden, "User ID mismatch")
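Review bot: The updated `log.Print` call still labels the value `role=` although it now prints `claims.RoleID`, and it concatenates the claim values into the log line unquoted. A username or ID containing a line break would split the entry and make the audit trail harder to trust; the same applies to the `ctx` fields logged on the line above, which appear to come from the request and are logged before the user ID mismatch check. Consider `log.Printf("JWT claims user=%q, username=%q, role_id=%q", claims.UserID, claims.Username, claims.RoleID)`. AuthorizeHandler starts and ends outside this hunk, so how `claims` is validated before this point is not visible here.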
+9 -9
@@ -46,7 +46,7 @@ func TestAuthorizeHandlerInvalidJSON(t *testing.T) {
claims := &models.Claims{
UserID: "user123",
Username: "testuser",
Role: "admin",
RoleID: "admin",
}
req := httptest.NewRequest("POST", AuthCheckEndpoint, bytes.NewBufferString("invalid json"))
@@ -87,7 +87,7 @@ func TestAuthorizeHandlerMissingRequiredFields(t *testing.T) {
claims := &models.Claims{
UserID: "user123",
Username: "testuser",
Role: "admin",
RoleID: "admin",
}
body, _ := json.Marshal(tc.payload)
@@ -110,7 +110,7 @@ func TestAuthorizeHandlerUserIDMismatch(t *testing.T) {
claims := &models.Claims{
UserID: "user123",
Username: "testuser",
Role: "admin",
RoleID: "admin",
}
payload := models.AuthorizationContext{
@@ -139,7 +139,7 @@ func TestAuthorizeHandlerNilMaps(t *testing.T) {
claims := &models.Claims{
UserID: "user123",
Username: "testuser",
Role: "admin",
RoleID: "admin",
}
payload := models.AuthorizationContext{
@@ -177,7 +177,7 @@ func TestAuthorizeHandlerEmptyUserID(t *testing.T) {
claims := &models.Claims{
UserID: "user123",
Username: "testuser",
Role: "admin",
RoleID: "admin",
}
payload := models.AuthorizationContext{
@@ -203,7 +203,7 @@ func TestAuthorizeHandlerEmptyResource(t *testing.T) {
claims := &models.Claims{
UserID: "user123",
Username: "testuser",
Role: "admin",
RoleID: "admin",
}
payload := models.AuthorizationContext{
@@ -229,7 +229,7 @@ func TestAuthorizeHandlerEmptyAction(t *testing.T) {
claims := &models.Claims{
UserID: "user123",
Username: "testuser",
Role: "admin",
RoleID: "admin",
}
payload := models.AuthorizationContext{
@@ -270,7 +270,7 @@ func TestAuthorizeHandlerMalformedJSON(t *testing.T) {
claims := &models.Claims{
UserID: "user123",
Username: "testuser",
Role: "admin",
RoleID: "admin",
}
testCases := []struct {
@@ -327,7 +327,7 @@ func TestAuthorizeHandlerSpecialCharactersInFields(t *testing.T) {
testClaims := &models.Claims{
UserID: tc.userID,
Username: "testuser",
Role: "admin",
RoleID: "admin",
}
ctx := context.WithValue(req.Context(), models.ContextKey("claims"), testClaims)
req = req.WithContext(ctx)